1. Field of the Invention
The present invention relates to the field of computer network security and, in particular, to an apparatus and a method for securely submitting a request in a client and for securely processing a request in a server.
2. Description of Related Art
With the development of computer and Internet technologies, web applications such as Internet shopping and Internet banking have become increasingly popular. Client-side scripts are often utilized in these web applications to improve the user experience. However, the accompanying security issues have become increasingly serious, of which Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks are typical.
The XSS attack refers to an attacker embedding a malicious script into a link that appears to come from a trustworthy source, so that when the victim clicks on the link the embedded malicious script is sent to the victim's client and executed there, for example in order to steal sensitive information of the user. Moreover, with the use of Asynchronous JavaScript and XML (AJAX), the XSS attack can make a malicious request in the name of the victim without loading a new webpage, which makes such an attack far more covert and hazardous. The CSRF attack refers to an attack in which, for example, an email or a picture with an embedded malicious script is sent to a victim, so that the victim unwittingly submits a request to a server through a session the victim has already started.
A combination of the XSS and CSRF attacks may be even more hazardous. For a vulnerable web application exposed to this combination of attacks, a server can hardly determine whether a received request was sent by a legitimate user or by an embedded malicious script. As a result, the server has to blindly process the request, such as an account transfer request, which may result in a great loss to the user.
US20040260754 discloses a system and a method for alleviating XSS attacks. In this patent document, a malicious script in an HTTP request is filtered at the server, that is, input validation is performed at the server to prevent any malicious script from being injected and then propagated and executed in the user's browser. Unfortunately, this solution cannot address CSRF attacks, which require no script injection at the server.
A solution of installing a security defense tool at the client, in the form of, e.g., a browser plug-in, an ActiveX component, etc., has also been proposed in the prior art so as to distinguish a legitimate script from a fraudulent script-injection attack at the client. However, with this solution the user may be reluctant to install any new plug-in at the client for reasons of security, user experience, etc., and the plug-in may conflict with other applications.
To prevent the CSRF attack, a solution adopting an unpredictable parameter or a secret token, which increases the difficulty of forging a request, has been proposed in the prior art. However, this unpredictable parameter or secret token may be obtained by an attacker through an XSS attack, and consequently this solution cannot prevent the combination of the XSS and CSRF attacks. In addition, for a solution in which the user is required to input his or her password for each request, the user experience may be very poor and the risk of password theft may be increased.
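The two prior-art measures described above, server-side filtering of injected script and a per-session secret token for state-changing requests, are illustrated together in the following added example. It is not code from the patent or from any cited document; the session store, the `handle_transfer` request handler and the form field names are constructed for illustration.

```python
import hmac
import html
import secrets

# Constructed in-memory session store: session id -> per-session state.
# A real server would keep this in its session backend.
SESSIONS = {}


def start_session():
    """Create a session and bind a fresh, unpredictable CSRF token to it."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {"csrf_token": secrets.token_urlsafe(32)}
    return sid


def csrf_token_for(session_id):
    """Token the server embeds in its own forms so a legitimate page can send it back."""
    return SESSIONS[session_id]["csrf_token"]


def render_comment(text):
    """Server-side output encoding (the XSS measure of US20040260754, in spirit):
    user-supplied text is escaped so that any injected markup is displayed
    literally instead of being executed by the browser."""
    return "<p>" + html.escape(text, quote=True) + "</p>"


def handle_transfer(session_id, form):
    """Process an account-transfer request only if it carries the session's secret token.

    A request forged from another site (classic CSRF) does not know the token
    and is rejected. Returns a (status, message) pair.
    """
    session = SESSIONS.get(session_id)
    if session is None:
        return (401, "no session")

    submitted = form.get("csrf_token", "")
    expected = session["csrf_token"]
    # Constant-time comparison so the check does not leak the token via timing.
    if not hmac.compare_digest(submitted.encode(), expected.encode()):
        return (403, "csrf token missing or invalid")

    amount = form.get("amount", "")
    if not amount.isdigit():
        return (400, "invalid amount")
    recipient = html.escape(form.get("to", ""))
    # ... the transfer itself would be performed here ...
    return (200, f"transferred {amount} to {recipient}")


if __name__ == "__main__":
    sid = start_session()
    print(render_comment("<script>alert(1)</script>"))
    # Forged request: correct session cookie, but no knowledge of the token.
    print(handle_transfer(sid, {"to": "bob", "amount": "10"}))
    # Legitimate request from the server's own form.
    print(handle_transfer(sid, {"to": "bob", "amount": "10",
                                "csrf_token": csrf_token_for(sid)}))
```

The token check defeats a request forged from a foreign origin, which is exactly what the prior-art token solution aims at. It does not help in the combined case the text describes: a script already executing inside the victim's page lives in the same origin as the server's own form, so it can read the embedded token and submit it, and `handle_transfer` then has no way to tell that request from a legitimate one.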